1-28
Cisco ASA Series CLI Configuration Guide
Chapter 1 Configuring the ASA to Integrate with Cisco TrustSec
Monitoring the ASA Integrated with Cisco TrustSec
Note The show cts sgt-map command displays the IP-SGT Manager entries in control path; while the
show cts sxp sgt-map command displays more detailed information like instance number and
peer IP address.
Output:
This example shows detailed information about the each IP-SGT mapped entry in the IP-SGT mapping
database, including whether the entry is activated. Entries are activated when they are used in a security
policy or a security group object.
hostname# show cts sxp sgt-map detail
Total number of IP-SGT mappings : 3
SGT : STBU(7)
IPv4 : 2.2.2.1
Peer IP : 2.2.2.1
Ins Num : 1
Status : Active
SGT : STBU(7)
IPv4 : 2.2.2.0
Peer IP : 3.3.3.1
Ins Num : 1
Status : Inactive
SGT : 6
IPv6 : 1234::A8BB:CCFF:FE00:110
Peer IP : 2.2.2.1
Ins Num : 1
Status : Active
This example summarizes of the mapping information from IP-SGT mapping database:
hostname# show cts sxp sgt-map brief
Total number of IP-SGT mappings : 3
SGT, IPv4: 7, 2.2.2.1
SGT, IPv4: 7, 3.3.3.0
SGT, IPv6: 7, FE80::A8BB:CCFF:FE00:110
peer peer_addr Displays only IP-SGT mappings ipv4_addr peer IP address.
sgt value Displays only IP-SGT mappings ipv4_addr the SGT.
address ipv4_addr
[netmask mask]
Displays only IP-SGT mappings included in the specified IPv4
address or subnet.
address
ipv6_addr[/prefix]
Displays only IP-SGT mappings included in the specified IPv6
address or subnet.
brief Displays only the summary.
detail Displays details, such as the security group name.
To Next Page
Loading...
Need help?
General
